Merge branch 'master' into feat/licenses/acknowledgement-should-be-unique

Author: jkowalleck

.github/ISSUE_TEMPLATE/1-feature.md

@@ -1,13 +1,13 @@
 ---
 name: Feature request
-about: Request or propose a core enhancement or feature 
+about: Request or propose a core enhancement or feature
 title: "[FEATURE]: <your title here>"
 labels: proposed core enhancement
 
 ---
 
-<!-- 
-THank you for taking the time to file a feature request or core enhancement proposal 
+<!--
+Thank you for taking the time to file a feature request or core enhancement proposal.
 -->
 
 ## Describe the feature
@@ -18,7 +18,7 @@ Please include scopes and out-of-scopes.
 
 ## Possible solutions
 
-Do you have asolution in mind> Please describe.
+Do you have a solution in mind? Please describe.
 What is to be considdered? Any draw-backs?
 
 ## Alternatives

.github/ISSUE_TEMPLATE/2-defect.md

@@ -6,8 +6,8 @@ labels: defect
 
 ---
 
-<!-- 
-THank you for taking the time to file a report.  
+<!--
+Thank you for taking the time to file a report.
 -->
 
 ## Describe the defect

.github/ISSUE_TEMPLATE/config.yml

@@ -3,9 +3,9 @@ contact_links:
   - name: Discussions
     url: https://github.com/CycloneDX/specification/discussions
     about: Please ask and answer questions here.
-  - name: Community slack support channel
+  - name: Community Slack support channel
     url: https://cyclonedx.slack.com/archives/CVA0G10FN
-    about: Community slack channel.
-  - name: Community slack invite
+    about: Community Slack channel.
+  - name: Community Slack invite
     url: https://cyclonedx.org/slack/invite
-    about: Community slack invite.
+    about: Community Slack invite.

.github/workflows/build_docs.yml

@@ -9,6 +9,9 @@ on:
 env:
   PYTHON_VERSION_DEFAULT: "3.10"
 
+# https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/controlling-permissions-for-github_token
+permissions: {}
+
 jobs:
   docs_xml:
     runs-on: ubuntu-latest
@@ -18,10 +21,10 @@ jobs:
     steps:
     - name: Checkout
       # see https://github.com/actions/checkout
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
     - name: Set up JDK
       # see https://github.com/actions/setup-java
-      uses: actions/setup-java@v4
+      uses: actions/setup-java@v5
       with:
         java-version: '21'
         distribution: 'zulu'
@@ -30,7 +33,7 @@ jobs:
       run: ./gen.sh
     - name: Archive Schema documentation
       # https://github.com/actions/upload-artifact
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v6
       with:
         name: XML-Schema-documentation
         path: docgen/xml/docs
@@ -43,18 +46,18 @@ jobs:
     steps:
     - name: Checkout
       # see https://github.com/actions/checkout
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
     - name: Setup Python Environment
       # see https://github.com/actions/setup-python
-      uses: actions/setup-python@v5
+      uses: actions/setup-python@v6
       with:
         python-version: ${{ env.PYTHON_VERSION_DEFAULT }}
         architecture: 'x64'
     - name: Generate Schema documentation
       run: ./gen.sh
     - name: Archive Schema documentation
       # https://github.com/actions/upload-artifact
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v6
       with:
         name: JSON-Schema-documentation
         path: docgen/json/docs
@@ -67,12 +70,12 @@ jobs:
     steps:
     - name: Checkout
       # see https://github.com/actions/checkout
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
     - name: Generate Schema documentation
       run: ./gen.sh
     - name: Archive Schema documentation
       # https://github.com/actions/upload-artifact
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v6
       with:
         name: PROTO-Schema-documentation
         path: docgen/proto/docs

.github/workflows/bundle_2.0_schemas.yml

@@ -0,0 +1,58 @@
+name: Bundle CycloneDX 2.0 JSON Schemas
+
+on:
+  push:
+    branches:
+      - 2.0-dev
+      - 2.0-dev-threatmodeling
+    paths:
+      - 'schema/2.0/**/*.schema.json'
+      - 'tools/src/main/js/bundle-schemas.js'
+  workflow_dispatch:  # Allows manual trigger
+
+jobs:
+  bundle-schemas:
+    runs-on: ubuntu-latest
+
+    permissions:
+      contents: write  # Required to push changes
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v6
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v6
+        with:
+          node-version: '20'
+
+      - name: Install dependencies
+        working-directory: tools/src/main/js
+        run: npm install
+
+      - name: Bundle schemas
+        working-directory: tools/src/main/js
+        run: |
+          node bundle-schemas.js \
+            ../../../../schema/2.0/model \
+            ../../../../schema/2.0/cyclonedx-2.0.schema.json
+
+      - name: Check for changes and commit
+        run: |
+          BUNDLED_FILE="schema/2.0/cyclonedx-2.0-bundled.schema.json"
+          
+          # Add the file (works for both new and modified files)
+          git add "$BUNDLED_FILE"
+          
+          # Check if there are staged changes
+          if git diff --staged --quiet; then
+            echo "No changes to bundled schema"
+          else
+            echo "Committing bundled schema changes"
+            git config --local user.email "github-actions[bot]@users.noreply.github.com"
+            git config --local user.name "github-actions[bot]"
+            git commit -m "chore: update bundled schema [skip ci]"
+            git push
+          fi

.github/workflows/generate_algorithm_families.yml

@@ -0,0 +1,63 @@
+name: Generate Algorithm Families Enum
+
+on:
+  push:
+    paths:
+      - 'schema/cryptography-defs.json'
+      - 'tools/src/main/python/algorithmFamilyGeneration.py'
+  workflow_dispatch:
+
+jobs:
+  generate-families:
+    runs-on: ubuntu-latest
+
+    permissions:
+      contents: write
+      pull-requests: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v6
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          persist-credentials: false
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.x'
+
+      - name: Run algorithm family generator
+        working-directory: tools/src/main/python
+        run: python3 algorithmFamilyGeneration.py
+
+      - name: Create Pull Request
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          BRANCH_NAME="update-algorithm-families"
+          
+          # Configure Git
+          git config --local user.email "github-actions[bot]@users.noreply.github.com"
+          git config --local user.name "github-actions[bot]"
+          
+          # Check for changes
+          if git diff --quiet schema/cryptography-defs.schema.json; then
+            echo "No changes to algorithm families"
+            exit 0
+          fi
+          
+          # Create branch and commit
+          git checkout -b "$BRANCH_NAME"
+          git add schema/cryptography-defs.schema.json
+          git commit -m "chore: update algorithm families [skip ci]"
+          
+          # Push to the branch (use GH_TOKEN for authentication)
+          git push -u "https://x-access-token:${GH_TOKEN}@github.com/${{ github.repository }}.git" "$BRANCH_NAME" --force
+          
+          # Create Pull Request using GitHub CLI (gh)
+          gh pr create \
+            --title "chore: update algorithm families" \
+            --body "This PR updates \`schema/cryptography-defs.schema.json\` with the latest algorithm families generated from \`schema/cryptography-defs.json\`." \
+            --base "master" \
+            --head "$BRANCH_NAME" || echo "Pull request already exists"

.github/workflows/test_java.yml

@@ -14,16 +14,19 @@ defaults:
   run:
     working-directory: tools
 
+# https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/controlling-permissions-for-github_token
+permissions: {}
+
 jobs:
-  test:
+  test_java:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout
       # see https://github.com/actions/checkout
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
     - name: Set up JDK
       # see https://github.com/actions/setup-java
-      uses: actions/setup-java@v4
+      uses: actions/setup-java@v5
       with:
         java-version: '8'
         distribution: 'zulu'

.github/workflows/test_js.yml

@@ -16,20 +16,24 @@ defaults:
   run:
     working-directory: tools/src/test/js
 
+# https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/controlling-permissions-for-github_token
+permissions: {}
+
 jobs:
-  test:
+  test_js:
     timeout-minutes: 30
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
         # see https://github.com/actions/checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
       - name: Setup Node.js
         # see https://github.com/actions/setup-node
-        uses: actions/setup-node@v4
+        uses: actions/setup-node@v6
         with:
-          node-version: '20.x'
-      - name: Install Depenencies
+          node-version: '24.x'
+          package-manager-cache: false
+      - name: Install Dependencies
         run: npm install
       - name: Run test 
         run: npm test

.github/workflows/test_php.yml

@@ -16,19 +16,22 @@ defaults:
   run:
     working-directory: tools/src/test/php
 
+# https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/controlling-permissions-for-github_token
+permissions: {}
+
 jobs:
-  test:
+  test_php:
     timeout-minutes: 30
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
         # see https://github.com/actions/checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
       - name: Setup PHP
         # see https://github.com/shivammathur/setup-php
         uses: shivammathur/setup-php@v2
         with:
-          php-version: "8.1"
+          php-version: "8.4"
           tools: composer:v2
       - name: Install Depenencies
         run: composer install

.github/workflows/test_proto.yml

@@ -16,13 +16,16 @@ defaults:
   run:
     working-directory: tools/src/test/proto
 
+# https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/controlling-permissions-for-github_token
+permissions: {}
+
 jobs:
-  test:
+  test_proto:
     timeout-minutes: 30
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
         # see https://github.com/actions/checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
       - name: Run test
         run: ./test.sh